K-12 Educational Sector Is a Target for Ransomware Gangs
A Michigan school district suspended operations for a second day as a forensics team investigates a cyberattack that put at risk the personal information of students across four elementary schools and three middle and high schools.
The more than 3,000 students in the South Redford School District in suburban Detroit have been warned against using devices issued by the district.
The investigation into the attack is expected to “limit access and exposure to our technology and networked systems,” the school district says.
High school student Jaylen Green told local TV station WJBK the district sent a notification over smartphones. “It said don’t go on your Chromebooks, don’t do nothing on your phone that is, like, school-related, like, the websites we use to do our schoolwork, Google Slides, stuff like that,” Green said.
One parent saw the bright side of the incident. “I just told her she can’t get on her Chromebook today, so we’re cleaning instead!” said Sheantez Kimling Mackey of her child, to TV station WXYZ.
The incident follows a slew of recent ransomware attacks on school districts, including the one on California’s largest public school system, whose data was put on sale on the dark web months before the attack.
The FBI, the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center earlier this month warned school districts that cybercriminals increasingly target the education sector with ransomware. Kindergarten through high school districts are seen as “particularly lucrative targets due to the amount of sensitive student data,” federal officials warned.
Emsisoft analyst Brett Callow, who tracks cyberattacks on the education sector, told Information Security Media Group that the back-to-school period of late summer and early fall is an especially active time for ransomware in the sector. School districts have “proven to be profitable targets,” he said. “Ransomware gangs are very predictable. If attacks on a sector have good return on investment, that sector will be attacked again and again,” Callow said.
The Government Accountability Office, a congressional watchdog, warned last October that the Department of Education hasn’t updated cybersecurity guidance for the K-12 sector since 2010, making the sector less likely to have access to federal support to help protect against cyberattacks.